TopTgm
kubesploit

Kubesploit

Locale: en
Subscribers:1.78K
Category: technology
Description:
News and links on Kubernetes security curated by the https://kubesploit.io/
Kubernetes profiling, enabled by default in the API server, scheduler, controller-manager, etc., can pose a security risk if not properly managed.

While the information is gated behind authz & authn, certain clusters can still be vulnerable to attacks.

More:
10/24/2024, 6:06:09 PM
This week's 6 best Kubernetes vacancies that focus on security are:

DevSecOps Engineer with Worldcoin
πŸ’° $236K to $323K a year
🏠 From the office in San Francisco, CA, USA
β†’

DevSecOps Engineer with Gemini
πŸ’° $248K to $310K a year
πŸ‘¨β€πŸ’» Remote from the United States
β†’

DevSecOps Engineer with Uniswap Labs
πŸ’° $264K to $294K a year
🏠 From the office in New York, NY, USA
β†’

DevSecOps Engineer with CoreWeave
πŸ’° $240K to $275K a year
πŸ πŸƒπŸ»β€β™‚οΈπŸŒŽ Roseland, NJ / Brooklyn, NY / Sunnyvale, CA / Bellevue, WA, USA
β†’

πŸ‘‰ Browse all 1302 Kubernetes jobs on Kube Careers
10/23/2024, 9:41:03 PM
This tutorial demonstrates how to set up a zero-trust Kubernetes ingress with Tailscale operator, cert-manager, and external-dns.

The configuration enables easy and rapid deployment of private ingresses accessible only to authorized devices.

More:
10/23/2024, 6:11:03 PM
This week on the Learn Kubernetes Weekly:

πŸš‰ How we are managing a container platform
πŸ’§ Leaky Vessels deep dive: escaping from Docker one syscall at a time
πŸ•΅οΈβ€β™€οΈ How to inspect Kubernetes networking
πŸ”§ Removing specific images from all Kubernetes nodes
🌎 Kubernetes resiliency (RTO/RPO) in multi-cluster deployments

Read it now:

πŸ™ Many thanks to StormForgeIO for supporting our work and sponsoring this issue. Make sure to check out their platform to optimise resources and save on your cloud spend
6/5/2024, 12:55:05 PM
The "TunnelVision" attacks reinforce the need for a new security paradigm.

In this article, you will explore how this type of attack can be mitigated in the future and what tools you need.

More:
6/4/2024, 6:05:06 PM
In this KubeFM episode, Hans, a Principal Cloud engineer, shares his experiences empowering teams to use, build and manage platforms built on Kubernetes.

You will learn:

- How OpenTelemetry and Prometheus shape cluster management and observability.
- The role of tools like ArgoCD and Flux in enabling GitOps and streamlining deployment processes.
- The significance of governance tools such as Gatekeeper and OPA for secure and validated resource creation.
- The benefits of Custom Resource Definitions (CRDs) and operators in automating processes and enhancing the developer experience.

Watch (or listen to) it here:

πŸ™ Many thanks to Sysdig for supporting our work and sponsoring this episode. Make sure to check out their Kubernetes security checklist

With "Zero certified" Farrell
6/4/2024, 12:05:25 PM
In this article, you will learn about Istio AuthorizationPolicies and how they function, as well as use an alternative approach to declare them using IBAC (Intent-Based Access Control)

More:
5/31/2024, 6:09:03 PM
Ben Hirschberg, ARMO's CTO, discusses managing network policies at scale By monitoring development and staging clusters and analyzing application behaviour.

This automated process ensures robust network segmentation, closely aligning with zero-trust principles.

Watch the full interview:

This interview is a reaction to Ori's episode
5/31/2024, 4:14:29 PM
The article discusses automating the building, signing, and verifying of Docker images using tools like Kaniko, Cosign, and Kyverno.

It explains how these tools can be integrated into a GitLab CI/CD pipeline to improve efficiency and security.

More:
5/30/2024, 6:06:03 PM
This week's 6 best Kubernetes vacancies that focus on security are:

DevSecOps Engineer with Applied Intuition
πŸ’° $65K to $400K a year
🏠 From the office in Mountain View, CA, USA
β†’

DevSecOps Engineer with Hyperscience
πŸ’° $190K to $260K a year
πŸ‘¨β€πŸ’» Remote from the United States
β†’

DevSecOps Engineer with Crusoe
πŸ’° $210K to $240K a year
🏠 From the office in San Francisco, CA, USA
β†’

DevSecOps Engineer with Opal Security
πŸ’° $140K to $260K a year
πŸ πŸƒπŸ»β€β™‚οΈπŸŒŽ San Francisco, CA / New York, NY, USA
β†’

DevSecOps Engineer with iHerb
πŸ’° $162.19K to $221.17K a year
🏠 From the office in Irvine, CA, USA
β†’

πŸ‘‰ Browse all 442 Kubernetes jobs on Kube Careers
5/29/2024, 9:10:03 PM
Learn how Snyk security researchers uncovered the Leaky Vessels container breakout Docker vulnerabilities that allow a malicious attacker to break out of a container environment with a controlled Dockerfile under docker build and docker run.

More:
5/29/2024, 6:05:06 PM
This week on the Learn Kubernetes Weekly:

πŸ₯· Kubernetes webhook used by attackers
πŸ‘¨πŸ»β€πŸ’Ό When is admin not admin? When it's super-admin!
πŸ“† Kubernetes HPA based on events in Google Calendar
πŸ”€ Seamless data exchange with Kafka Connect and Strimzi on Kubernetes at Decathlon
πŸ›‘ Database in Kubernetes: is that a good idea?

Read it now:

πŸ™ Many thanks to Otterize for supporting our work and sponsoring this issue. Make sure to check out their intent-based access control platform (and related open-source projects)
5/29/2024, 12:35:04 PM
This week's 6 best Kubernetes vacancies that focus on security are:

DevSecOps Engineer with Anthropic
πŸ’° $300K to $405K a year
πŸ πŸƒπŸ»β€β™‚οΈπŸŒŽ San Francisco, CA / New York, NY, USA
β†’

DevSecOps Engineer with Plaid
πŸ’° $215.3K to $322.9K a year
πŸ‘¨β€πŸ’» Remote from the United States
β†’

DevSecOps Engineer with Applied Intuition
πŸ’° $65K to $400K a year
🏠 From the office in Mountain View, CA, USA
β†’

DevSecOps Engineer with Hyperscience
πŸ’° $190K to $260K a year
πŸ‘¨β€πŸ’» Remote from the United States
β†’

DevSecOps Engineer with Crusoe
πŸ’° $210K to $240K a year
🏠 From the office in San Francisco, CA, USA
β†’

πŸ‘‰ Browse all 447 Kubernetes jobs on Kube Careers
5/1/2024, 9:10:05 PM
Container image hardening involves adhering to best practices, monitoring vulnerabilities, and enhancing container security.

This article provides guidelines to mitigate risks in running Docker containers in production.

More:
5/1/2024, 6:05:07 PM
This week on the Learn Kubernetes Weekly:

πŸ‘† Moving up the stack
βœ‚οΈ Cut container startup time
😈 Abusing Distroless
πŸ₯· Hacking Kubernetes in AWS
πŸ€” 2vCPU app run faster in a VM than in a container

Read it now:
5/1/2024, 11:55:09 AM
KBOM (Kubernetes Bill of Materials) is a CLI tool that can generate a software bill of materials for your Kubernetes cluster.

More:
4/30/2024, 6:05:03 PM
In this KubeFM episode, Alexander Block delves into the intricacies of Kubernetes templating and deployment tools, sharing his journey from frustration with existing solutions to creating his tool, kluctl.

Alex also discusses the challenges and solutions in Kubernetes templating and deployment, emphasizing the need for more adaptable tools in the Kubernetes ecosystem.

You will learn:

- The fundamental flaws of Helm and how they impact Kubernetes deployments and tools packaging.
- How tools such as Kustomize, CUE, jsonnet are only a partial solution to templating.
- Alternatives to Helm and the future of Kubernetes resource templating and distribution.

Watch (or listen to) it here:
4/30/2024, 1:13:27 PM
This article teaches how to use the Secrets Store CSI driver to mount secrets to Kubernetes pods and covers how to configure and simulate the CSI driver failover feature.

More:
4/29/2024, 6:08:04 PM
In this article, you'll learn how to secure EKS by intentionally attaching the wrong policies to pods and hacking the cluster.

You will misconfigure AWS Identity and Access Management (IAM) roles for the service accounts (IRSA) feature.

More:
4/26/2024, 6:06:07 PM
This article argues, and demonstrates that Distroless containers are not immune to unconventional hacking methods just because shell programs aren't included in the image.

More:
4/25/2024, 6:08:05 PM

Related Groups

SHIBARIUM TECH
SHIBARIUM TECH
technology26.75K

Group for  projects building on shibarium. Do your own research and be careful from scams. Shib admins will never DM you and are not responsible for SCAMTWITTER: @shibariumtechGroup link: t.me/+u2gOwsAGtANlNjBhDear Shibarium members, We are pleased to inform you that $BONE withdrawals and deposits for Shibarium are once again operational on gate.ioThank you for your patience and continued support.

The Job Overflow - Recently asked Problems
The Job Overflow - Recently asked Problems
technology6.12K

The right package for interview help to switch to Product Based Companies led by Tech Professionals. We provide OAs and interview experience, and post it at thejoboverflow.com, and notify in the TGVisit the Pinned messages for our Community Guidelines ?I don't know if there is a simpler way, but I know a way of changing profile picture. TJO profile picture is linked to gravatar. 1.So go to gravatar. Com 2.Sign in with email you registered tjo with3.change profile picture at gravatar. That's all!Thanks for showing such mad excitement! We've now got some exciting news to share. The first-ever Masterclass by AlgoUniversity is all set to take place. Join us in this Resume Crafting session by none other than Manas Sir himself!Yep, you heard it right! Manas Sir is ready for spilling all his insider secrets on how he nailed his resume that made him travel to not one, not two, but three different countries ✈️. It's an exclusive opportunity to learn from the best!

Technology Vikram OFFICIAL
Technology Vikram OFFICIAL
technology483

All about update redmi phones & othersAbu Dhabi to Dubai Travelling Vlog (Burj Khalifa, Bus, Metro, Trams, Beach Tour) - UAE Tour ?????Awaken OS v2.6 Eclipse - Android 12.1 on POCO F1 - Antutu, GCam, BGMI Gaming Review ????Corvus OS vS2.1 Revolt Android 12L for POCO F1 (Antutu, GCam, BGMI Gaming Review) ????How to Install Corvus OS vS2.1 Revolt Android 12L for POCO X3 (Surya/Karna) Best ROM Installation ??Abu Dhabi Tour (UAE) Second Vlog Best View - Best Tourist Place - Best Information ?????I am in Dubai (My First Vlog) Sorry for the Late Video - UAE Tour ?????ProtonPlus - Android 12 for Redmi Note 7 Pro - Antutu, GCam, BGMI Gaming Review ???Redmi Note 8 Pro : Corvus OS vS2.1 (Revolt) Android 12L - Antutu, GCam, BGMI 90fps Gaming Review ???Redmi Note 8 Pro : How to Install Corvus-OS vS2.1(Revolt) - OFFICIAL (Gaming ROM) ???

AlgoTech (ALGT)
AlgoTech (ALGT)
technology12.39K

A decentralized algorithmic crypto trading platform to revolutionize trading and investment with innovative technologies and automation??STAGE 3 Extension??Hello Everyone,We're delighted to share some exciting news with you!????First and foremost, we're pleased to announce that all dividends have been successfully released and paid to all investors in levels 1-8! This is just a taste of what's to come – moving forward, you can expect a dividend once per month from the profits generated by our algorithms through our AUM. We hope this news brings a smile to your face!????But wait, there's more! We've got another major update to share. We've recently sold off our entire Stage 4 token supply to an institutional client (family office). While they initially expressed interest in purchasing the entire supply during presale, they've settled for Stage 4 instead. Due to this exciting development and the numerous requests we've received, we've made the decision to extend the presale until Stage 3 sells out.??Currently, there are only around 30,000,000 ALGT tokens left in Stage 3. Instead of burning these tokens, we're offering you the incredible opportunity to purchase them at $0.08 each before we release the token on DEX for $0.15. This is your chance to get in early and secure your investment at a discounted rate!????We truly hope you appreciate these decisions as much as we do, and we're counting on your support to help us sell out this stage as soon as possible.????In addition to these developments, I am pleased to announce that the initial token airdrop is scheduled to occur within the next 10 days. This milestone represents the commencement of token distribution, a pivotal moment in our journey together.????We are deeply encouraged by these advancements and remain steadfast in our commitment to delivering value to our investors. Your continued support is paramount as we navigate this transformative phase.????Thank you for your confidence in our vision.Let's make this happen together!

UKISS Technology
UKISS Technology
technology2.94K

UKISS Technology is dedicated to building the next gen decentralised security ecosystem. Powered by the KISS Token, our suite of hardware and software solutions will make top-notch digital security accessible for everyone.GM squad! ? To facilitate better communications and engagements, we are moving our interactions from Telegram to DiscordThis Telegram Group will be switched into an Announcement Channel on 15 March 2024.Head over to Discord and join our UKISS Technology Server today! There will be so much alphas, games and incentives you definitely don’t want to miss out ??

$BNRY by The Binary Holdings
$BNRY by The Binary Holdings
technology44.32K

The Binary Holdings, together with its subsidiaries, engages in the digital social, digital tech & products, and digital financial service businesses in Southeast Asia, Middle East, Africa, rest of Asia, and internationally.https://www.thebinaryholdings.

This website is not affiliated with Telegram. Visual content shown here might be copyrighted by rightful owners. No infringement intended.
DISCLAIMER: Infos without tag OFFICIAL posted on website are public, and wo are not responsible for the content on their media. Join or subscribe the info there maybe some risk with you. If you have any issueContact UsPlease!